You can add, edit, and delete existing NSX NAT rules in a deployed one-to-many NAT network. You can also change the order in which the NAT rules are processed.

For information about the NAT rules, see Creating and Using NAT Rules and Add an On-Demand NAT or On-Demand Routed Network Component.

The Change NAT Rules operation is not supported for deployments that were upgraded or migrated from vRealize Automation 6.2.x to this vRealize Automation release.

You cannot add a NAT rule to a deployment that is mapped to a third-party IPAM endpoint such as Infoblox.

See the vRealize Automation release notes for any known issues.


  • Log in to the vRealize Automation console as a machine owner, support user, business group user with a shared access role, or business group manager.

  • Verify that you are entitled to change NAT rules in a network.

  • The NAT network must be configured as a NAT one-to-many network. The action is not available for NAT one-to-one networks. See


  1. Select Items > Deployment.
  2. Locate the deployment and display its children components.

  3. Select the NAT network component to edit.

  4. Click Change NAT Rules from the Actions menu.

  5. Add new NAT port forwarding rules, reorder rules, edit existing rules, or delete rules.
  6. When you have finished making changes, click Save or Submit to submit the reconfiguration request.